This OWASP Working Session will explore the Simplified SDL and its 16 security practices and implementation guidance (see reference materials below). The Simplified SDL is a platform-agnostic process for implementing proven application security practices in any size organization.

This working group will discuss the feasibility of creating one or more practical, platform-specific resource libraries for each of the security practices in the 16 steps of the Simplified SDL. Further, we will discuss prioritization of the 16 Practices so that organizations can implement security in an incremental fashion.

Discuss additional reference materials and identify publicly available tools targeting a variety of platforms (web, OS X, Unix, mobile platforms, etc.) in an effort to provide practical, platform-specific implementation guidance for each of the security practices in the 16 steps of the Simplified SDL.

Define the practical “crawl/walk/run” steps for adopting the 16 Practices of the Simplified SDL for development organizations of any size.